Premera Blue Cross settles state data breach investigations for $10 million
The largest health insurance company in the Pacific Northwest says it will pay $10.4 million to 30 states to settle an investigation into a data breach that compromised information on more than 10...
View ArticleWhile Bulgaria investigates financial breach, hackers tease more data
Hackers stole financial information about millions of Bulgarians as part of a security incident at the country’s tax agency in what appears to be the largest breach of personal information to ever...
View ArticleBulgaria hacking suspect worked on government cybersecurity before tax agency...
Bulgarian authorities have arrested a 20-year-old government contractor in connection with a hack on the country’s national tax agency that involved information about roughly 5 million adults,...
View ArticleEquifax expected to settle breach investigations for $700 million
Credit monitoring firm Equifax has agreed to pay up to $700 million to settle investigations from U.S. regulators and state attorneys stemming from the 2017 data breach that compromised personal...
View ArticleHackers used password spraying to breach Citrix, investigation confirms
The hackers who breached corporate VPN service provider Citrix last year used an unsophisticated technique that throws commonly used, weak passwords at a system until one works, the company’s...
View ArticleNew York updates its breach notification law in response to Equifax, GDPR
Businesses throughout the U.S. will now be required to notify New Yorkers as quickly as possible when their information is compromised in a security incident, under a bill that Gov. Andrew Cuomo signed...
View ArticleCapital One announces massive data breach; lone suspect arrested in Seattle
Financial giant Capital One announced a large data breach Monday, with the company saying that one person accessed personal information of approximately 100 million people in the United States and 6...
View ArticleClues to the alleged Capital One hacker's crimes were all over the internet
The hacker who allegedly infiltrated Capital One to access personal information belonging to roughly 106 million people made it easy for the FBI to track her down: there were clues spread across a...
View ArticleWhat Capital One's cybersecurity team did (and did not) get right
There was no months-old, unpatched Apache flaw. A S3 bucket wasn’t publicly accessible to anyone with an internet connection. There was no effort to hide what happened behind the company’s bug bounty...
View ArticleFacebook rejects new allegation that it protected employees over users in...
A class-action lawsuit over a 2018 breach of Facebook has another wrinkle: A new court filing reveals allegations that the social media company moved to protect its own employees from the exploited...
View ArticleWhat 'Have I been Pwned?' taught DHS’s internal cyber chief about passwords
A website that informs users if their email address has been swept up in a data breach isn’t just popular with vigilant business owners or private security sleuths. The man charged with protecting the...
View ArticleAs adversaries get craftier, Marine Corps cyber official touts appeal of...
As the Department of Defense tries to be more proactive about preventing hackers from gaining access to its networks, the Marine Corps is working to implement zero-trust security, a top Marine Corps...
View ArticleEquifax settles with Massachusetts, Indiana for nearly $40 million
Nearly three years after one of the largest data breaches in history, state attorneys general still are making Equifax pay. Massachusetts Attorney General Maura Healy announced Friday the credit...
View ArticleFireEye says hackers stole its red-team tools, suggests state-sponsored group...
FireEye, one of the most influential cybersecurity companies in the world, on Tuesday revealed that it had been breached by a suspected state-sponsored hacking group. FireEye CEO Kevin Mandia said...
View ArticleTwitter fined nearly $550,000 in Europe for response to bug that exposed...
Regulators in Ireland have fined Twitter for failing to report a data breach promptly and not adequately documenting the incident, marking the first time the regulator has penalized a “big tech”...
View ArticleFireEye's Mandia on SolarWinds hack: 'This was a sniper round'
The foreign espionage operation that breached several U.S. government agencies through SolarWinds software updates was unique in its methods and stealth, according to FireEye CEO Kevin Mandia, whose...
View ArticleTravel-booking company Sabre Corp. settles with 27 states over breach of...
Sabre Corp. will make a $2.4 million payout and shore up its cybersecurity policies under an agreement with 27 state attorneys general who investigated a breach of its hotel-booking technology. The...
View ArticleClik here to view.
UK arrests suspects tied to WeLeakInfo, a site shuttered for selling breached...
It’s been almost a year since an international sting took down WeLeakInfo, a site that marketed stolen personal data, but its alleged customers are still drawing the attention of law enforcement. The...
View ArticleT-Mobile: Breach exposed call information for some customers
T-Mobile says that it “recently identified and quickly shut down” a data breach that included call-related information about some accounts. The wireless telecommunication firm said in a notice mailed...
View ArticleNot all cyberattacks are created equal: What researchers learned from 103...
There’s a relatively small swath of cyberattacks mixed among the more common variety that are truly extreme, costing tens of million of dollars and beyond, or exposing millions of records. A report out...
View Article
